Week 14 in Review – 2012

AppSecDC Recap: Old Webshells, New Tricks – novainfosecportal.com
Back in the day web shells were all the rage so I was curious what “new” was happening in this area. Ryan Kazanciyan started off with a summary of some of the more popular web shells he’s seen in the past several years.

AppSecDC Recap: Python Basics for Web App Pentesters – novainfosecportal.com
I had the opportunity to attend the “Python Basics for Web App Pentesters – Part 2” by Justin Searle. Being someone that hasn’t programmed for a good number of years, this Python talk really appealed to me.

AppSecDC Recap: SharePoint Security 101 – novainfosecportal.com
I’ve written about SharePoint security before and my opinion was that it’s getting much better; however, they have a lot of insecure stigma to shake off. Additionally, securing it can be done; however, it may become very cumbersome to manage in large environments.

InfoSec Southwest 2012 Ripe Hashes – korelogic.com
As part of a recent presentation for the InfoSec Southwest conference (http://www.infosecsouthwest.com/), KoreLogic scoured the Internet looking for MD5 and SHA1 password hashes.

Towards Firmware Analysis – sensepost.com
While I was evaluating a research idea about a SCADA network router during the past week, I used available tools and resources on the Internet to unpack the device firmware and search for interesting components.

Fusion Advancing exploit mechanisms – exploit-exercises.com
Fusion is the next step from the protostar setup, and covers more advanced styles of exploitation, and covers a variety of anti-exploitation mechanisms.

X-Frame-Options – blog.whitehatsec.com
What is it and why should I care? X-Frame-Options (moving towards just Frame-Options in a draft spec – dropping the X-) is a new technology that allows an application to specify whether or not specific pages of the site can be framed. This is meant to help prevent the clickjacking problem.

Getting your message across: Screenshots – blog.c22.cc
Since I’ve finally started doing something with pentestreports.com I thought it was time to write-up some interesting content. Seeing as this one has been bugging me for a while, I thought it would make an interesting starting point. As always, comments are welcomed and encouraged!

GooDork Command Line Google Dorking/Hacking Tool – darknet.org.uk
GooDork is a simple python script designed to allow you to leverage the power of Google Dorking straight from the comfort of your command line. There was a GUI tool we discussed a while back similar to this – Goolag – GUI Tool for Google Hacking.

Medusa 2.1 Release – foofus.net
What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net.

Enema is Powerful tool for SQL injection – pentestit.com
Enema is not autohacking software. This is a dynamic tool for people who know what to do. Old database versions (e.g. mysql 4.x) are not supported. Development is targeted at modern versions.

Adobe open sources Malware Classifier tool – h-online.com
Adobe has open sourced a tool for analysing and classifying malware to help security first responders, including malware analysts and security researchers. Called “Adobe Malware Classifier”, the command-line tool is written in Python and was originally created for internal use by the Adobe Product Security Incident Response Team (PSIRT) “for quick malware triage”.

Dissecting the SQL Injection Tools Used By Hackers – blog.imperva.com
Recently, during a presentation to a group of security professionals, an impromptu poll was taken asking attendees whether they were familiar with Havij, a SQL injection tool used heavily in the hacking community.

Web tool checks if your Mac is Flashback-free – cnet.com
Have you been put off by the work required to find out if your machine is one of the unlucky ones infected with the Trojan? There’s a new Web app that will check your Mac.

Intersect version 2.5 update – github.com
Intersect is a post-exploitation framework written in Python. The main goal of this project is to assist penetration testers in the automation of many post exploitation and data exfiltration tasks that they would otherwise perform manually. With the Intersect framework, users can easily build their own customised scripts from the pre-built templates and modules that are provided or they can write their own modules to add additional or specialised functionality. As of the time of writing, there are almost 30 separate modules to choose from and more are added almost daily.

windows privilege escalation via weak service permissions – travisaltman.com
When performing security testing on a Windows environment, or any environment for that matter, one of the things you’ll need to check is if you can escalate your privileges from a low privilege user to a high privileged user.

Another Approach To Tracking ReadFile – dvlabs.tippingpoint.com
We often receive fuzzed file submissions, which at times can be agonizing to analyze. Tools help a lot here, as we have shown in previous posts, such as with Peter’s awesome write up on hooking ReadFile and MapViewOfFile.

Apple’s security code of silence: A big problem – news.cnet.com
Security industry insiders have long known the Mac platform has its holes. The Flashback Trojan is the first in-the-wild issue that’s confirmed this, and big-time. More will follow unless Apple steps up its game.

Global Payments: 1.5MM Cards Exported – krebsonsecurity.com
Global Payments, the credit and debit card processor that disclosed a breach of its systems late Friday, said in a statement Sunday that the incident involved at least 1.5 million accounts.

Malware

Most Popular Internet Sites Consistently Serving Up Malware – darkreading.com
According to a new malware report issued last week by Barracuda Labs, 58 of the sites listed among Alexa’s top 25,000 most popular websites are delivering drive-by downloads of malicious code, potentially affecting millions of users each day.

New Android Malware Variant Can Remotely Root Phone – threatpost.com
A new version of Android malware has been tweaked so it doesn’t require user interaction for an attacker to own the device, according to research published by Lookout Mobile Security yesterday.

SQL Injection

SQL Injection through HTTP Headers – resources.infosecinstitute.com
During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaws discovery are restricted to the GET and POST variables as the unique input vectors ever.

SQL Injection Still Slams SMBs – darkreading.com
In spite of recent data from some firms showing the decline of SQL injection attacks as compared with other cybercrime methods, a new survey released this week shows that among SMBs concerned about database security, thwarting SQL injection attacks remains their highest priority.

Why an outdated Java Plugin is so serious – blog.mozilla.com
Recently, Mozilla responded to an imminent threat to Firefox users who have an outdated Java plugin installed: Vulnerable versions of the plugin were blocked automatically.

Hotel Wifi JavaScript Injection – justinsomnia.org
I probably wouldn’t have thought much of it, except my blog had recently been hacked (someone had gained elevated access to my web hosting account and prepended every single PHP file with a base64 encoded rootkit), so I immediately decided to view the source.

Other News

Hacking in China

Anonymous hacks hundreds of Web sites in China – news.cnet.com
The online hacktivist group defaces government and commercial sites with a message predicting the downfall of the Chinese government, although no central government sites appear to have been compromised.

Massive firewall vendor lets domain expire – domainincite.com
Check Point Software, one of the world’s leading firewall vendors, forgot to renew its main domain name and it wound up parked by its registrar over the weekend.

CabinCr3w Hacker Arrested by FBI – threatpost.com
Federal authorities have arrested a Texas man accused of working for the hacking group CabinCr3w, a group that once targeted Goldman Sachs CEO Lloyd Blankfein.

Hacker jailed for stealing 8 million identities – zdnet.com
A British hacker has been sentenced to 26 months for stealing 200,000 PayPal accounts, 2,701 bank card numbers, as well as 8,110,474 names, dates of birth, and postcodes of U.K. residents.
